Sure Pass Exam SPLK-1003 PDF

Splunk Enterprise Certified Admin Questions and Answers

Question 53

What is the correct order of steps in Duo Multifactor Authentication?

1 Request Login2. Connect to SAML server3 Duo MFA4 Create User session5 Authentication Granted 6. Log into Splunk

1. Request Login 2 Duo MFA3. Authentication Granted 4 Connect to SAML server5. Log into Splunk6. Create User session

1 Request Login2 Check authentication / group mapping3 Authentication Granted4. Duo MFA5. Create User session6. Log into Splunk

1 Request Login 2 Duo MFA3. Check authentication / group mapping4 Create User session5. Authentication Granted6 Log into Splunk

Question 54

Which of the following must be done to define user permissions when integrating Splunk with LDAP?

Map Users

Map Groups

Map LDAP Inheritance

Map LDAP to Active Directory

Question 55

Which of the following statements apply to directory inputs? {select all that apply)

All discovered text files are consumed.

Compressed files are ignored by default

Splunk recursively traverses through the directory structure.

When adding new log files to a monitored directory, the forwarder must be restarted to take them into account.

Question 56

What action is required to enable forwarder management in Splunk Web?

Navigate to Settings > Server Settings > General Settings, and set an App server port.

Navigate to Settings > Forwarding and receiving, and click on Enable Forwarding.

Create a server class and map it to a client inSPLUNK_HOME/etc/system/local/serverclass.conf.

Place an app in theSPLUNK_HOME/etc/deployment-appsdirectory of the deployment server.